Fatma Bazargan’s blog


Pandemic – Swine Flu
April 27, 2009, 3:17 pm
Filed under: General
Swine Influenza - Pandemic

Swine Influenza - Pandemic

Source: BBC News

What is swine flu?

Swine flu is a respiratory disease, caused by influenza type A which infects pigs. There are many types, and the infection is constantly changing. Until now it has not normally infected humans, but the latest form clearly does, and can be spread from person to person – probably through coughing and sneezing.

 

How worried should people be?

When any new strain of flu emerges that acquires the ability to pass from person to person, it is monitored very closely in case it has the potential to spark a global epidemic, or pandemic.

The World Health Organization has warned that taken together the Mexican and US cases could potentially trigger a global pandemic, and stress that the situation is serious. However, experts say it is still too early to accurately assess the situation fully. Currently, they say the world is closer to a flu pandemic than at any point since 1968 – rating the threat at three on a six-point scale. Nobody knows the full potential impact of a pandemic, but experts have warned that it could cost millions of lives worldwide. The Spanish flu pandemic, which began in 1918, and was also caused by an H1N1 strain, killed millions of people. The fact that all the cases in the US have so far produced mild symptoms is encouraging. It suggests that the severity of the Mexican outbreak may be due to an unusual geographically-specific factor – possibly a second unrelated virus circulating in the community – which would be unlikely to come into play in the rest of the world. Alternatively, people infected in Mexico may have sought treatment at much later stage than those in other countries. It may also be the case that the form of the virus circulating in Mexico is subtly different to that elsewhere – although that will only be confirmed by laboratory analysis. There is also hope that, as humans are often exposed to forms of H1N1 through seasonal flu, our immune systems may have something of a head start in fighting infection. However, the fact that many of the victims are young does point to something unusual. Normal, seasonal flu tends to affect the elderly disproportionately.

 

More information can be found at:

 

safe safe.

 

Fatma Bazargan

 

Advertisements


Data Privacy and Data Protection
April 25, 2009, 7:14 pm
Filed under: Security
mmm.. and who shall watch the watchers?

mmm.. and who shall watch the watchers?

 

For the last couple of days I have been reading about an interesting topic called “government trojans”. A government trojanis a spyware/Trojan/backdoor installed on a workstation or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation. This Trojan captures private e-mail communication, VoIP traffic, data residing on hard drives, record video conferences, etc. This captured data is then sent out to a central server for processing and analysis without the prior consent or knowledge of the individual and their data privacyl.

 

The overall goal of planting the trojan in a suspect’s computer is in order to snoop on the suspect’s hard drive data and Internet traffic for any suspicious activity related to terrorism, child pornography, drug trafficking, etc.

 

Personally and even some individuals find it illegal for government to snoop into their data using these so called government trojans, let alone the other case of wiretapping the Internet traffic which some countries find it illegal where others are just fine with it.

 

You can read about it more here, here and here. It elaborates further which countries have implemented and who is planning to implement and so on.

 

Where are we going with this is the question.

 

Till then, be unwatched.

 



Various # 09 – 104
April 21, 2009, 1:07 pm
Filed under: Security

info

Some of the interesting reads I had these couple of days:

 

1. Now this is awesome, ISC2 launches Child Online Safety Program and calls it “Safe & Secure Online“: a program that invites (ISC)2 information security experts to educate school children ages 11-14 on how to protect themselves online.

 

“Safe & Secure Online is a program begun by (ISC)2 with support from Childnet International, a charity that aims to make the Internet a safe place for children. First introduced in the United Kingdom (UK) in 2006, then expanded to Hong Kong in 2007, Safe & Secure Online has reached nearly 20,000 children in those regions. The program is designed to address the gap in security advice that exists in children’s safety outreach efforts.

 

And for all of you who are maintaining your CPEs, you can do that by teaching Children on how to be safe and secure when online.

 

2. If you are thinking to set up a CERT/CSIRT at your organization then ENISA has released CERT/CSIRT Exercises Handbook with a toolset, they also have a guide on a step-by-step approach on how to set up a CSIRT and you can also find a great guide on basic collection of good practices for running a CSIRT. I found it a useful resource to start with besides others.

 

3. Talking about USB drives and how they can be vulnerable to malicious applications and viruses Mobile Armor’s KeyArmor USB drive is designed to combat these threats:    

 

“The KeyArmor solution is a military level encrypted USB drive managed by the Mobile Armor enterprise policy console, PolicyServer. KeyArmor USB drives are FIPS 140-2 Level 2 validated using on processor AES hardware encryption. KeyArmor now independently provides protection against viral and malware threats. With integrated anti-malware detection and remediation, viruses and malicious software are prevented from attacking data transferred and stored on the KeyArmor drive. This is an independent function of KeyArmor, not requiring the existence or utilization of anti-malware from the data source device. KeyArmor provides detailed auditing and logging relating to the anti-malware component, including version control, update integrity, update frequency and file status.

KeyArmor: You are neat!

 

4. This is an interesting read about eEye Digital Security that announced the Blink Server 4 that has integrated protection platform for the windows servers and applications. 

 

That’s all for now. Good day all.

 

Bazargan.



Quick Update
April 16, 2009, 12:39 pm
Filed under: Security

bo

Just being on vacation for the last couple of weeks and the coming week will be my last week enjoying being disconnected for a while.

 

But as a quick update on the happenings around is:

  • For those following the Conficker updates you can visit the Conficker Working Group website and for those who were wondering what Conficker did in first week of April well it was limited to spam and serving the victim’s with fake anti-virus products.
  • I found this simple interactive animation interesting one to understand how a simple Buffer Overflow attack works click here.
  • Infected or Compromised by Richard Bejlitch.  

 

That’s all for now.

 

Enjoy the weekend.



NMAP 4.85Beta6 Released
April 1, 2009, 8:52 am
Filed under: Security

There is a new release of NMAP 4.85Beta6 (Windows, Linux, OSX)

 

This release as per insecure.org includes further improvements such as:

§  Fixed some bugs with the Conficker detection script (smb-check-vulns)

§  SMB response timeout raised to 20s from 5s to compensate for slow/overloaded systems and networks.

§  MSRPC now only signs messages if OpenSSL is available (avoids an error).

§  Better error checking for MS08-067 patch, among others.

 

The command you can use for the Conficker scan is:

nmap -PN -T4 -p139,445 -n -v –script=smb-check-vulns –script-args safe=1 [targetnetworks]